I'm trying to set up Kafka using the Confluent Docker image with SASL/SCRAM. I mainly followed the kafka-docker-playground repo section for SCRAM.

Here's my config:

docker-compose.yml

---
version: '3.5'
services:
  zookeeper:
    image: confluentinc/cp-zookeeper:7.3.0
    hostname: zookeeper
    container_name: zookeeper
    ports:
      - "9999:9999"
    volumes:
      - /zookeeper.sasl.jaas.conf:/etc/kafka/zookeeper.sasl.jaas.conf
    environment:
      ZOOKEEPER_CLIENT_PORT: 2181
      ZOOKEEPER_TICK_TIME: 2000
      KAFKA_JMX_PORT: 9999
      KAFKA_OPTS: "-Djava.security.auth.login.config=/etc/kafka/zookeeper.sasl.jaas.conf
          -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider
          -Dzookeeper.allowSaslFailedClients=false
          -Dzookeeper.requireClientAuthScheme=sasl"
  broker:
    image: confluentinc/cp-kafka:7.3.0
    hostname: broker
    container_name: broker
    restart: always
    ports:
      - "9092:9092"
      - "29092:29092"
      - "10000:10000"
    volumes:
      - /kafka_broker.sasl.jaas.conf:/etc/kafka/kafka_broker.sasl.jaas.conf
    depends_on:
      - zookeeper
    environment:
      KAFKA_JMX_PORT: 10000
      KAFKA_JMX_HOSTNAME: localhost
      KAFKA_BROKER_ID: 1
      KAFKA_ZOOKEEPER_CONNECT: 'zookeeper:2181'
      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: SASL_PLAINTEXT:SASL_PLAINTEXT
      KAFKA_ADVERTISED_LISTENERS: SASL_PLAINTEXT://broker:9092
      KAFKA_SASL_ENABLED_MECHANISMS: SCRAM-SHA-256
      KAFKA_SASL_MECHANISM_INTER_BROKER_PROTOCOL: SCRAM-SHA-256
      KAFKA_INTER_BROKER_LISTENER_NAME: SASL_PLAINTEXT
      KAFKA_LISTENERS: SASL_PLAINTEXT://:9092
      KAFKA_OPTS: "-Djava.security.auth.login.config=/etc/kafka/kafka_broker.sasl.jaas.conf"

zookeeper.sasl.jaas.conf

Server {
   org.apache.zookeeper.server.auth.DigestLoginModule required
   user_zkadmin="zkadminpwd";
};

kafka_broker.sasl.jaas.conf

KafkaServer {
   org.apache.kafka.common.security.scram.ScramLoginModule required
   username="client"
   password="clientpwd"
   user_client="clientpwd";
};

Client {
   org.apache.zookeeper.server.auth.DigestLoginModule required
   username="zkadmin"
   password="zkadminpwd";
};

Complete logs of the broker service when running docker compose up -d

2023-07-05 11:38:21 ===> User
2023-07-05 11:38:21 uid=1000(appuser) gid=1000(appuser) groups=1000(appuser)
2023-07-05 11:38:21 ===> Configuring ...
2023-07-05 11:38:22 SASL is enabled.
2023-07-05 11:38:23 ===> Running preflight checks ... 
2023-07-05 11:38:23 ===> Check if /var/lib/kafka/data is writable ...
2023-07-05 11:38:23 ===> Check if Zookeeper is healthy ...
2023-07-05 11:38:23 [2023-07-05 09:38:23,910] INFO SASL is enabled. java.security.auth.login.config=/etc/kafka/kafka_broker.sasl.jaas.conf (io.confluent.admin.utils.ClusterStatus)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:zookeeper.version=3.6.3--6401e4ad2087061bc6b9f80dec2d69f2e3c8660a, built on 04/08/2021 16:35 GMT (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:host.name=broker (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:java.version=11.0.16.1 (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:java.vendor=Azul Systems, Inc. (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:java.home=/usr/lib/jvm/zulu11-ca (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:java.class.path=/usr/share/java/cp-base-new/kafka-clients-7.3.0-ccs.jar:/usr/share/java/cp-base-new/metrics-core-4.1.12.1.jar:/usr/share/java/cp-base-new/audience-annotations-0.5.0.jar:/usr/share/java/cp-base-new/minimal-json-0.9.5.jar:/usr/share/java/cp-base-new/jackson-datatype-jdk8-2.13.2.jar:/usr/share/java/cp-base-new/logredactor-metrics-1.0.10.jar:/usr/share/java/cp-base-new/metrics-core-2.2.0.jar:/usr/share/java/cp-base-new/scala-library-2.13.5.jar:/usr/share/java/cp-base-new/gson-2.9.0.jar:/usr/share/java/cp-base-new/jackson-dataformat-yaml-2.13.2.jar:/usr/share/java/cp-base-new/logredactor-1.0.10.jar:/usr/share/java/cp-base-new/re2j-1.6.jar:/usr/share/java/cp-base-new/jolokia-jvm-1.7.1.jar:/usr/share/java/cp-base-new/disk-usage-agent-7.3.0.jar:/usr/share/java/cp-base-new/common-utils-7.3.0.jar:/usr/share/java/cp-base-new/json-simple-1.1.1.jar:/usr/share/java/cp-base-new/scala-logging_2.13-3.9.4.jar:/usr/share/java/cp-base-new/jolokia-core-1.7.1.jar:/usr/share/java/cp-base-new/kafka-storage-7.3.0-ccs.jar:/usr/share/java/cp-base-new/zstd-jni-1.5.2-1.jar:/usr/share/java/cp-base-new/zookeeper-jute-3.6.3.jar:/usr/share/java/cp-base-new/jackson-core-2.13.2.jar:/usr/share/java/cp-base-new/kafka_2.13-7.3.0-ccs.jar:/usr/share/java/cp-base-new/slf4j-api-1.7.36.jar:/usr/share/java/cp-base-new/scala-java8-compat_2.13-1.0.2.jar:/usr/share/java/cp-base-new/kafka-server-common-7.3.0-ccs.jar:/usr/share/java/cp-base-new/jackson-dataformat-csv-2.13.2.jar:/usr/share/java/cp-base-new/jackson-databind-2.13.2.2.jar:/usr/share/java/cp-base-new/kafka-raft-7.3.0-ccs.jar:/usr/share/java/cp-base-new/scala-reflect-2.13.5.jar:/usr/share/java/cp-base-new/jackson-annotations-2.13.2.jar:/usr/share/java/cp-base-new/lz4-java-1.8.0.jar:/usr/share/java/cp-base-new/zookeeper-3.6.3.jar:/usr/share/java/cp-base-new/jackson-module-scala_2.13-2.13.2.jar:/usr/share/java/cp-base-new/jose4j-0.7.9.jar:/usr/share/java/cp-base-new/scal
a-collection-compat_2.13-2.6.0.jar:/usr/share/java/cp-base-new/kafka-storage-api-7.3.0-ccs.jar:/usr/share/java/cp-base-new/slf4j-reload4j-1.7.36.jar:/usr/share/java/cp-base-new/snappy-java-1.1.8.4.jar:/usr/share/java/cp-base-new/reload4j-1.2.19.jar:/usr/share/java/cp-base-new/snakeyaml-1.30.jar:/usr/share/java/cp-base-new/utility-belt-7.3.0.jar:/usr/share/java/cp-base-new/kafka-metadata-7.3.0-ccs.jar:/usr/share/java/cp-base-new/commons-cli-1.4.jar:/usr/share/java/cp-base-new/jmx_prometheus_javaagent-0.14.0.jar:/usr/share/java/cp-base-new/paranamer-2.8.jar:/usr/share/java/cp-base-new/argparse4j-0.7.0.jar:/usr/share/java/cp-base-new/jopt-simple-5.0.4.jar (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:java.library.path=/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,921] INFO Client environment:java.io.tmpdir=/tmp (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:java.compiler=<NA> (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:os.name=Linux (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:os.arch=amd64 (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:os.version=5.15.90.1-microsoft-standard-WSL2 (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:user.name=appuser (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:user.home=/home/appuser (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:user.dir=/home/appuser (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:os.memory.free=236MB (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:os.memory.max=3966MB (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,922] INFO Client environment:os.memory.total=248MB (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,924] INFO Initiating client connection, connectString=zookeeper:2181 sessionTimeout=40000 watcher=io.confluent.admin.utils.ZookeeperConnectionWatcher@797badd3 (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:23 [2023-07-05 09:38:23,926] INFO Setting -D jdk.tls.rejectClientInitiatedRenegotiation=true to disable client-initiated TLS renegotiation (org.apache.zookeeper.common.X509Util)
2023-07-05 11:38:23 [2023-07-05 09:38:23,932] INFO jute.maxbuffer value is 1048575 Bytes (org.apache.zookeeper.ClientCnxnSocket)
2023-07-05 11:38:23 [2023-07-05 09:38:23,936] INFO zookeeper.request.timeout value is 0. feature enabled=false (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:23 [2023-07-05 09:38:23,962] WARN SASL configuration failed. Will continue connection to Zookeeper server without SASL authentication, if Zookeeper server allows it. (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:23 javax.security.auth.login.LoginException: No JAAS configuration section named 'Client' was found in specified JAAS configuration file: '/etc/kafka/kafka_broker.sasl.jaas.conf'.
2023-07-05 11:38:23 at org.apache.zookeeper.client.ZooKeeperSaslClient.<init>(ZooKeeperSaslClient.java:189)
2023-07-05 11:38:23 at org.apache.zookeeper.ClientCnxn$SendThread.startConnect(ClientCnxn.java:1161)
2023-07-05 11:38:23 at org.apache.zookeeper.ClientCnxn$SendThread.run(ClientCnxn.java:1210)
2023-07-05 11:38:23 [2023-07-05 09:38:23,966] INFO Opening socket connection to server zookeeper/172.23.0.2:2181. (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:23 [2023-07-05 09:38:23,970] ERROR Error occurred while connecting to Zookeeper server[zookeeper:2181]. Authentication failed.  (io.confluent.admin.utils.ClusterStatus)
2023-07-05 11:38:23 [2023-07-05 09:38:23,974] INFO Socket connection established, initiating session, client: /172.23.0.3:59042, server: zookeeper/172.23.0.2:2181 (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:24 [2023-07-05 09:38:24,012] INFO Session establishment complete on server zookeeper/172.23.0.2:2181, session id = 0x10000a90a110000, negotiated timeout = 40000 (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:24 [2023-07-05 09:38:24,018] WARN An exception was thrown while closing send thread for session 0x10000a90a110000. (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:24 EndOfStreamException: Unable to read additional data from server sessionid 0x10000a90a110000, likely server has closed socket
2023-07-05 11:38:24 at org.apache.zookeeper.ClientCnxnSocketNIO.doIO(ClientCnxnSocketNIO.java:77)
2023-07-05 11:38:24 at org.apache.zookeeper.ClientCnxnSocketNIO.doTransport(ClientCnxnSocketNIO.java:350)
2023-07-05 11:38:24 at org.apache.zookeeper.ClientCnxn$SendThread.run(ClientCnxn.java:1290)
2023-07-05 11:38:24 [2023-07-05 09:38:24,121] INFO Session: 0x10000a90a110000 closed (org.apache.zookeeper.ZooKeeper)
2023-07-05 11:38:24 [2023-07-05 09:38:24,121] INFO EventThread shut down for session: 0x10000a90a110000 (org.apache.zookeeper.ClientCnxn)
2023-07-05 11:38:24 Using log4j config /etc/kafka/log4j.properties

Main error is: javax.security.auth.login.LoginException: No JAAS configuration section named 'Client' was found in specified JAAS configuration file: '/etc/kafka/kafka_broker.sasl.jaas.conf'.

The thing is that the JAAS config file for ZooKeeper is working, but not the one for the broker, even though they both have similar "volumes" properties, usage and JAAS format. Can anyone help me with that?

UPDATE 1:

I changed paths to a relative format surrounded by quotes:

volumes:
      - "./zookeeper.sasl.jaas.conf:/etc/kafka/zookeeper.sasl.jaas.conf"

Now, the error is located in ZooKeeper, but the JAAS file is effectively present in the container (see my answers below this post).

Logs of the zookeeper service:

2023-07-06 10:00:14 [2023-07-06 08:00:14,477] ERROR No JAAS configuration section named 'Server' was found in '/etc/kafka/zookeeper.sasl.jaas.conf'. (org.apache.zookeeper.server.ServerCnxnFactory)
2023-07-06 10:00:14 [2023-07-06 08:00:14,477] ERROR Unexpected exception, exiting abnormally (org.apache.zookeeper.server.ZooKeeperServerMain)
2023-07-06 10:00:14 java.io.IOException: No JAAS configuration section named 'Server' was found in '/etc/kafka/zookeeper.sasl.jaas.conf'.
2023-07-06 10:00:14     at org.apache.zookeeper.server.ServerCnxnFactory.configureSaslLogin(ServerCnxnFactory.java:265)
2023-07-06 10:00:14     at org.apache.zookeeper.server.NIOServerCnxnFactory.configure(NIOServerCnxnFactory.java:637)
2023-07-06 10:00:14     at org.apache.zookeeper.server.ZooKeeperServerMain.runFromConfig(ZooKeeperServerMain.java:158)
2023-07-06 10:00:14     at org.apache.zookeeper.server.ZooKeeperServerMain.initializeAndRun(ZooKeeperServerMain.java:112)
2023-07-06 10:00:14     at org.apache.zookeeper.server.ZooKeeperServerMain.main(ZooKeeperServerMain.java:67)
2023-07-06 10:00:14     at org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:140)
2023-07-06 10:00:14     at org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:90)
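
A host-side preflight check for the two mounted JAAS files, as an added example (not code from the post or from kafka-docker-playground): it tells apart a bind-mount source that is missing or is a directory from a file that lacks the section named in the error. The `REQUIRED` mapping, the function names and the sample file contents are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Section names each process looks up, taken from the two error messages
# and the JAAS files in the post; keyed by file name (an assumption).
REQUIRED = {
    "zookeeper.sasl.jaas.conf": {"Server"},
    "kafka_broker.sasl.jaas.conf": {"KafkaServer", "Client"},
}
# Quoted values are blanked and comments dropped so that ';' or '}' inside
# a password cannot end a section early.
NOISE_RE = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*', re.S)
# A JAAS entry has the shape: Name { LoginModule flag opt=val ...; };
SECTION_RE = re.compile(r"^\s*([A-Za-z_][\w.]*)\s*\{(.*?)\}\s*;", re.S | re.M)


def jaas_sections(text):
    """Map each section name to the login module classes it lists."""
    text = NOISE_RE.sub(lambda m: '""' if m.group().startswith('"') else " ", text)
    return {name: [e.split()[0] for e in body.split(";") if e.strip()]
            for name, body in SECTION_RE.findall(text)}


def check_mount_source(path):
    """Classify the host side of a bind mount before `docker compose up`."""
    p = Path(path)
    if not p.exists():
        return "missing"
    if p.is_dir():
        return "directory"  # the container would see a directory, not a file
    absent = REQUIRED.get(p.name, set()) - set(jaas_sections(p.read_text()))
    return "ok" if not absent else "no section: " + ", ".join(sorted(absent))


def demo():
    """Run the check on constructed files in a temporary directory."""
    with tempfile.TemporaryDirectory() as d:
        broker = Path(d, "kafka_broker.sasl.jaas.conf")
        # Constructed sample: KafkaServer only, password contains '};'
        broker.write_text('KafkaServer {\n  org.apache.kafka.common.security'
                          '.scram.ScramLoginModule required\n  username="client"\n'
                          '  password="x};y";\n};\n')
        Path(d, "zookeeper.sasl.jaas.conf").mkdir()  # path exists, wrong type
        return {p.name: check_mount_source(p) for p in sorted(Path(d).iterdir())}


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{name}: {status}")
```

Run it against the host paths on the left-hand side of each `volumes` entry; the same `jaas_sections` call can be applied to the output of `docker exec <container> cat <path>` to compare what the container actually sees.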